Specifying a Secure Communication Protocol

You can choose the communication protocol to be used for each of the following services:

• Appliance Management Web User Interface

• Secure LDAP Services

• Updater Service

• End-User Access to the Spam Quarantine

Note	The Updater Service and Secure LDAP Services use TLSv1.1 and TLSv1.2 methods on a newly installed appliance. The Appliance Management Web User Interface uses TLSv1.1 and TLSv1.2 methods by default, and TLSv1.3 method is disabled by default on a newly installed appliance.

To view the currently selected protocols and available options or to change protocols, use the sslconfig command in the command-line interface. The changes made using the sslconfig command require a Commit. The affected services will be briefly interrupted after you commit changes using the sslconfig command.

If you are using a local (remote) Updater Service and for all other services and web browsers, the protocol you choose must be supported by and enabled on the server and tools you use. One of the available options must be enabled for each service you use.

For information on Peer Certificate FQDN Validation, see FQDN.

For information on Peer Certificate X509 Validation, see X.509 Certificate.